Abaker | September 12, 2012

Quick Prep for Cyber Security Awareness Month

If you were too busy to catch the Wombat webinar series to help you prepare for Cyber Security Awareness Month, we’re providing the Cliff Notes version here. Our webinar series covered three broad topics: the challenges of providing security awareness training, six principles for creating effective training, and twenty different ways to measure your training efforts. The final webinar summed up all of these key points and then showed attendees how all of the best practices are integrated into Wombat’s Security Awareness Training platform.

The webinar series had rave reviews from the attendees.

“The combination of background, overview, and practical recommended actions was very wow, and especially with great speakers who engaged and entertained the audience.”

CISA, CISSP
Enterprise Security Department
Leading Insurance Company

“I found her (Rebecca Herold) to be extremely helpful and great content was provided!”

Information Security Officer
International Retailer

Here’s a quick summary of what you missed:

Why traditional training methods don’t work

  1. Making bad assumptions about level of knowledge – Create a baseline of knowledge
  2. Treating security awareness and training like a side issue – Fight for funding and resources
  3. Using technologists to train – Ensure your awareness expert has education expertise

Six principles for effective training (there are actually 10 but we only presented 6 of them)

  1. Serve small bites – Limit lessons to 10 min or less
  2. Reinforce lessons – Practice concepts right after learning
  3. Train in context – Train in the context in which people will most likely be attacked
  4. Give immediate feedback
  5. Let them set the pace – Everyone learns at their own pace and has their own schedule
  6. Offer conceptual and procedural knowledge – Teach both what and how

Six measurement tactics (out of 20 provided by Rebecca)

  1. Tests and quizzes – To measure knowledge, not to train
  2. Monitoring non-compliance – Ensure you know who hasn’t completed training
  3. Identify gaps in knowledge – Determine in which topics people are least knowledgeable
  4. Training scores – Capture training scores to compare against previous and future training
  5. Percentage of groups attending training – Understand how much of your organization you train
  6. Incorporate into annual performance appraisals – Use your goal and objective setting and monitoring process to increase employee engagement

We’d like to thank Ira Winkler and Rebecca Herold for their captivating presentations and practical discussions about security awareness training.

You’ll find the replays of the first two webinars here. http://www.wombatsecurity.com/webinar-series

To gain access to the third webinar, please email me with your corporate contact information.

If you’d like a personal demonstration of the latest version of our Security Training Platform, you can follow this link to request a demonstration.

http://www.wombatsecurity.com/trainingplatform
